1. My Caddy version (caddy -version
):
1.0.3
2. How I run Caddy:
On window, run with command “caddy.exe -log log.txt” as startup services
d. My complete Caddyfile:
#Caddyfile
http:// {
redir / https://{host}{uri}
}
https:// {
tls self_signed server.crt server.key
status 444 /
log / suspicious_access.txt {
rotate_size 8
rotate_age 7
rotate_keep 7
rotate_compress
except /jenkins
}
errors suspicious_error.txt {
rotate_size 8
rotate_age 7
rotate_keep 7
rotate_compress
}
}
server.com:80 {
redir / https://{host}{uri}
}
server.com:443 {
gzip
log / access.txt {
rotate_size 8
rotate_age 7
rotate_keep 7
rotate_compress
except /jenkins
}
errors errors.txt {
rotate_size 8
rotate_age 7
rotate_keep 7
rotate_compress
}
proxy /jenkins http://localhost:8080 {
transparent
}
rewrite / {
if {uri} not_starts_with /jenkins
to /404
}
status 404 {
/404
}
}
3. The problem I’m having:
Using free Bitdefender as window security, it usually show security concern popup for all weird http request when caddy open on port 80. Only if it call on ip interface (http://127.127.127.127:80) and not on serverdomain.com. I try redir all direct http access to error 404 to prevent further popup. It works for “most” of them.
When run caddy with command catch all “-log log.txt” show all external ip address when it access website on direct ip. But it did not show the full URI of GET request.
I was expecting these line would create log file for all access same as command “-log” but it did not
http:// {
log / access.txt
}
I have no experience nor knowledge in website part. So now I am just curious with how these random IP call work and what it is doing. Anyway to show more detail log would be much appreciated.